package com.systop.dxjj.common.config;


import com.systop.dxjj.common.filter.JwtAuthenticationTokenFilter;
import com.systop.dxjj.common.pojo.error.AccessDeniedHandlerImpl;
import com.systop.dxjj.modules.student.service.impl.StudentUserDetailsService;
import com.systop.dxjj.modules.teacher.service.impl.TeacherUserDetailsService;
import com.systop.dxjj.modules.user.service.impl.UserDetailsServices;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import javax.annotation.Resource;

@EnableWebSecurity
@Configuration
public class SpringsecurityConfig {
    @Resource
    TeacherUserDetailsService teacherUserDetailsService;

    @Autowired
    private StudentUserDetailsService studentUserDetailsService;

    @Autowired
    private UserDetailsServices userDetailsServices;

    @Autowired
    JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;


    @Autowired
    AuthenticationEntryPoint authenticationEntryPoint;
    @Autowired
    AccessDeniedHandlerImpl accessDeniedHandler;


    //加密方式
    @Bean
    public PasswordEncoder passwordEncoder() {
        return NoOpPasswordEncoder.getInstance();
    }

    //认证
//    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
////        auth.authenticationProvider(selfAuthenticationProvider);
//        auth
//                .userDetailsService(teacherUserDetailsService)
//                .passwordEncoder(passwordEncoder);
//    }

    //过滤策略
    @Bean
    public SecurityFilterChain configure(HttpSecurity http) throws Exception {
        http
                //关闭csrf
                .csrf().disable()
                //不通过Session获取SecurityContext
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .authorizeRequests()
                // 对于登录接口 允许匿名访问
                .antMatchers("/teacher/login","/student/login","/user/login","/insertTeach","/insertStudent").anonymous()
                .antMatchers("/doc.html","/webjars/**","/webjars/bycdao-ui/**","/**/*.js").permitAll()
                .antMatchers("/swagger-ui.html","/swagger-resources/**","/*/api-docs").permitAll()
                // 除上面外的所有请求全部需要鉴权认证
                .anyRequest().authenticated()
                .and()
                //将jwt过滤器添加到UsernamePasswordAuthenticationFilter之前
                .addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
                //配置自定义异常处理器
                .exceptionHandling()
                //认证失败处理器
                .authenticationEntryPoint(authenticationEntryPoint)
                //授权失败处理器
                .accessDeniedHandler(accessDeniedHandler);

        return http.build();
    }



    @Bean(name = "teaauthenticationManagerBean")
    public AuthenticationManager teaauthenticationManagerBean() throws Exception {
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        //关联userDetailsService
        daoAuthenticationProvider.setUserDetailsService(teacherUserDetailsService);
        //关联密码管理器
        daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
        return new ProviderManager(daoAuthenticationProvider);
        //        return super.authenticationManagerBean();
    }
    @Primary
    @Bean(name = "stuauthenticationManagerBean")
    public AuthenticationManager stuauthenticationManagerBean() throws Exception {
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        //关联userDetailsService
        daoAuthenticationProvider.setUserDetailsService(studentUserDetailsService);
        //关联密码管理器
        daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
        return new ProviderManager(daoAuthenticationProvider);
    }
    @Bean(name = "useauthenticationManagerBean")
    public AuthenticationManager useauthenticationManagerBean() throws Exception {
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        //关联userDetailsService
        daoAuthenticationProvider.setUserDetailsService(userDetailsServices);
        //关联密码管理器
        daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
        return new ProviderManager(daoAuthenticationProvider);
    }
}
